View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.api.ldap.aci;
21  
22  
23  import java.util.ArrayList;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.HashSet;
27  import java.util.Set;
28  
29  import org.apache.directory.api.i18n.I18n;
30  import org.apache.directory.api.ldap.model.constants.AuthenticationLevel;
31  
32  
33  /**
34   * A flatten entity which is converted from an {@link ACIItem}. The tuples are
35   * accepted by ACDF (Access Control Decision Function, 18.8, X.501)
36   * 
37   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
38   */
39  public class ACITuple
40  {
41      /** The collection of {@link UserClass}es this tuple relates to **/
42      private final Collection<UserClass> userClasses;
43  
44      /** The level of authentication required */
45      private final AuthenticationLevel authenticationLevel;
46  
47      /** The collection of {@link ProtectedItem}s this tuple relates */
48      private final Collection<ProtectedItem> protectedItems;
49  
50      /** The set of {@link MicroOperation}s this tuple relates */
51      private final Set<MicroOperation> microOperations;
52  
53      /** Tells if this tuple grant some access */
54      private final boolean grant;
55  
56      /** The precedence for this tuple */
57      private final Integer precedence;
58  
59  
60      /**
61       * Creates a new instance.
62       * 
63       * @param userClasses the collection of {@link UserClass}es this tuple relates to
64       * @param authenticationLevel the level of authentication required
65       * @param protectedItems the collection of {@link ProtectedItem}s this tuple relates
66       * @param microOperations the collection of {@link MicroOperation}s this tuple relates
67       * @param grant <tt>true</tt> if and only if this tuple grants an access
68       * @param precedence the precedence of this tuple (<tt>0</tt>-<tt>255</tt>)
69       */
70      public ACITuple(
71          Collection<UserClass> userClasses,
72          AuthenticationLevel authenticationLevel,
73          Collection<ProtectedItem> protectedItems,
74          Collection<MicroOperation> microOperations,
75          boolean grant,
76          Integer precedence )
77      {
78          if ( authenticationLevel == null )
79          {
80              throw new IllegalArgumentException( I18n.err( I18n.ERR_04003_NULL_AUTHENTICATION_LEVEL ) );
81          }
82  
83          if ( precedence < 0 || precedence > 255 )
84          {
85              throw new IllegalArgumentException( I18n.err( I18n.ERR_04002_BAD_PRECENDENCE, precedence ) );
86          }
87  
88          this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
89          this.authenticationLevel = authenticationLevel;
90          this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) );
91          this.microOperations = Collections.unmodifiableSet( new HashSet<MicroOperation>( microOperations ) );
92          this.grant = grant;
93          this.precedence = precedence;
94      }
95  
96  
97      /**
98       * Gets the collection of {@link UserClass}es this tuple relates to.
99       *
100      * @return the collection of {@link UserClass}es
101      */
102     public Collection<UserClass> getUserClasses()
103     {
104         return userClasses;
105     }
106 
107 
108     /**
109      * Gets the level of authentication required.
110      *
111      * @return the authentication level
112      */
113     public AuthenticationLevel getAuthenticationLevel()
114     {
115         return authenticationLevel;
116     }
117 
118 
119     /**
120      * Gets the collection of {@link ProtectedItem}s this tuple relates.
121      *
122      * @return the collection of {@link ProtectedItem}s
123      */
124     public Collection<ProtectedItem> getProtectedItems()
125     {
126         return protectedItems;
127     }
128 
129 
130     /**
131      * Gets the collection of {@link MicroOperation}s this tuple relates.
132      *
133      * @return the collection of {@link MicroOperation}s
134      */
135     public Collection<MicroOperation> getMicroOperations()
136     {
137         return microOperations;
138     }
139 
140 
141     /**
142      * Gets <tt>true</tt> if and only if this tuple grants an access.
143      *
144      * @return <tt>true</tt> if and only if this tuple grants an access
145      */
146     public boolean isGrant()
147     {
148         return grant;
149     }
150 
151 
152     /**
153      * Gets the precedence of this tuple (<tt>0</tt>-<tt>255</tt>).
154      *
155      * @return the precedence
156      */
157     public Integer getPrecedence()
158     {
159         return precedence;
160     }
161 
162 
163     /**
164      * {@inheritDoc}
165      */
166     @Override
167     public String toString()
168     {
169         return "ACITuple: userClasses=" + userClasses + ", " + "authenticationLevel=" + authenticationLevel + ", "
170             + "protectedItems=" + protectedItems + ", " + ( grant ? "grants=" : "denials=" ) + microOperations + ", "
171             + "precedence=" + precedence;
172     }
173 }